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1 . Claims 1-111 are pending. 

2. This is a continuation-in-part of 09/602,129 filed 6/23/2000. 

3. The Co-pending information and corrected paragraph [0088] in 
specification have been recorded. 

Response to Arguments 

4. Applicant's arguments filed 12/28/04 with respect to claims 1-111 have 
been considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 102 
The following is a quotation of the appropriate paragraphs of 35 

U.S.C. 102 that form the basis for the rejections under this section made in this 

Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 
122(b), by another filed in the United States before the invention by the applicant for patent or 
(2) a patent granted on an application for patent by another filed in the United States before 
the invention by the applicant for patent, except that an international application filed under 
the treaty defined in section 351 (a) shall have the effects for purposes of this subsection of an 
application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

Claims 1-25,29-40,50-62,64-85,87-99,102,103,105-111 are rejected under 
35 U.S.C. § 102(e) as being anticipated by Dutta et al [Dutta, 6,826,694 B1]. 

5. As per claim 1 , Dutta discloses a method of processing a first data packet 
transmitted over a network from a source to a first recipient, said first data packet 
comprising a header layer and an application data layer [Dutta, a firewall 
intercepts packets from source to destination, a header and a payload, col 1 lines 
15-45; the first packet, col 3 line 2], said method comprising: 
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(a) capturing said first data packet from said network prior to its reception 
by said first recipient [Dutta, a firewall intercepts packets prior to its received by 
an intended destination node, col 1 lines 15-45]; 

(b) analyzing said header layer of said first data packet according to a first 
rule [Dutta, a set of rules, the first rule, second rule, third rule based upon the 
domain name, col 1 lines 45-65, col 2 lines 47-65; analyzed by an access rule, 
col 3 lines 9-50]; 

(c) examining (i.e.: filtering), selectively, a dynamically specified portion of 
said application data layer of said first data packet according to a second rule 
[Dutta, filtering device, col 3 line 55-col 4 line 6; analyzes the contents of a 
packet and selects an access rule which dynamically formulated by the proxy, col 
4 lines 59-67. Dutta discloses the processor selects an access rule based upon 
the contents of the payload of received packet, performing the action, col 4 lines 
28-40. It clearly that the set of rules provides different actions based upon the 
different content packets]; 

(d) determining a first action to be taken on said first data packet 
according to a third rule [Dutta, determined if the prescribed action of the rule is 
to refer, col 3 lines 9-29]; and 

(e) performing said first action on said first data packet [Dutta, action is 
performed, col 3 lines 9-29; the rule prescribes an action, col 4 lines 41-58]. 

6. Claim 2 contains the similar limitations set forth in claim 1 . Therefore claim 
2 is rejected for the same rationale set forth in claim 1 . 
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7. As per claim 3, Dutta discloses intercepting said first data packet prior to 
receipt by a network router or firewall [Dutta, firewall, col 1 lines 29-44]. 

8. As per claim4, Dutta discloses (f) allowing redefinition of said first, second 
and third rules by an entity external to said packet interceptor [Dutta, a node 
external to the firewall, col 2 lines 35-39]. 

9. As per claim 5, Dutta discloses allowing dynamic redefinition [Dutta, 
dynamically formulated by the proxy, col 4 lines 59-67]. 

10. As per claim 6, Dutta discloses (f) redefining, remotely, said first, second 
and third rules [Dutta, a set of rules,the first rule, second rule, third rule based 
upon the domain name, col 1 lines 45-65, col 2 lines 47-65]. 

11. As per claim 7, Dutta discloses said second and third rules are based at 
least in part on said analysis of said header [Dutta, the rule that corresponds to 
the received packet, col 2 lines 40-46]. 

12: As per claim 8, Dutta discloses determining a first result of said first rule, 
said examining further comprises determining a second result of said second 
rule, said determining further comprising determining said first action to be taken 



Application/Control Number: 09/858,309 Page 5 

Art Unit: 2142 

on said first data packet according to said first and second results as inherent 
feature of the set of rules. 

13. As per claim 9, Dutta discloses predefining said first, second and third 
rules as inherent feature of the set of rules. 

14. As per claim 10, Dutta discloses no analysis of said header layer 
according to said first rule as inherent feature of the set of rules. 

1 5. As per claim 1 1 , Dutta discloses no examination of said application data 
layer according to said second rule as inherent feature of the set of rules. 

16. As per claim 12, Dutta discloses a network address, said analyzing further 
comprises analyzing said network address according to said first rule [Dutta, 
source address, col 3 lines 39-50]. 

17. As per claim 13, Dutta discloses determining whether said network 
address matches a pre-defined criteria [Dutta, prescribed action, col 4 lines 28- 
40] 

18. As per claim 14, Dutta discloses a network address and said network 
address comprises a transport control port address [Dutta, destination port, col 2 
lines 20-34]. 
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19. As per claim 15, Dutta discloses a network address and said network 
address comprises an Internet protocol address [Dutta, IP, col 2 lines 20-34]. 

20. As per claim 16, Dutta discloses a network address and said network 
address comprises a media access control address [Dutta, source port, col 2 
lines 20-34]. 

21. As per claim 17, Dutta discloses application data generated by said 
source [Dutta, header and payload, col 1 lines 29-44]. 

22. As per claim 18, Dutta discloses a uniform resource locator and further 
wherein said second rule comprises determining whether said uniform resource 
locator matches a pre-defined criteria [Dutta, URL, col 2 lines 47-65]. 

23. As per claim 1 9, Dutta discloses forwarding said first data packet to an 
entity external to said packet interceptor, said external entity being different from 
said first recipient [Dutta, the firewall decides whether to PASS or DROP the 
packets, col 3 lines 9-29]. 

24. As per claim 20, Dutta discloses the first action comprises releasing said 
first data packet to said network [Dutta, the firewall decides whether to PASS or 
DROP the packets, col 3 lines 9-29]. 
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25. As per claim 21 , Dutta discloses said first action comprises copying said 
first data packet to a second data packet; and forwarding said second data 
packet to an entity external to said packet interceptor, said external entity being 
different from said first recipient as inherent features of a prescribed actions. 

26. As per claim 22, Dutta discloses said first action further comprises 
receiving a command from said external entity dictating a second action be taken 
on said first data packet as inherent features of a prescribed actions. 

27. As per claim 23, Dutta discloses said second action comprises deleting 
said first data packet [Dutta, DROP action, col 3 lines 39-50]. 

28. As per claim 24, Dutta discloses second action comprises releasing said 
first data packet to said network [Dutta, PASS action, col 4 lines 1-6]. 

29. As per claim 25, Dutta discloses releasing said first data packet to said 
network [Dutta, network 210, Fig 2]. 

30. As per claim 29, Dutta discloses said first action comprises transmitting a 
response to said source based on said first data packet according to a fourth rule 
[Dutta, a set of rules, col 3 lines 9-29]. 
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31 . As per claim 30, Dutta discloses said first action further comprises 
configuring said response to appear to originate from said first recipient [Dutta, 
configuration, col 5 lines 25-32]. 

32. As per claim 31 , Dutta discloses (f) determining which of said plurality of 
rule sets to apply to said first data packet [Dutta, a set of rules, col 3 lines 9-29]. 

33. As per claim 32, Dutta discloses (f) facilitating performing (a), (b), (c), (d) 
and (e) non-invasively with respect to said network for a plurality of entities 
external to said packet interceptor as inherent feature of the filtering device. 

34. As per claim 33, Dutta discloses said method further comprising 
performing (a), (b), (c),(d) and (e) by a router [Dutta, a firewall, col 1 lines 29-44]]. 

35. As per claim 34, Dutta discloses (f) receiving a second data packet from 
an entity external to said packet interceptor, said second data packet directed to 
said packet interceptor; and (g) introducing said second data packet into said 
network as inherent feature of the filter mechanism. 

36. As per claim 35, Dutta discloses said network is characterized by a wire 
speed, said method further comprising performing (a)-(e) at least at said wire 
speed as inherent feature of Internet [Dutta, Internet, col 4 line 10]. 
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37. As per claim 36, Dutta discloses said first data packet is characterized 
seven Open Systems Interconnection (OSI) defined layers, said dynamically 
specified portion comprising any at least one of said seven layers of the filter 
mechanism. 

38. As per claims 37,38 Dutta discloses said network comprises an optical 
network or an electrical network as inherent feature of Internet. 

39. Claim 39 contains the similar limitations set forth in claim 1. Therefore 
claim 39 is rejected for the same rationale set forth in claim 1. 

40. As per claim 40, Dutta discloses performing (a)-(e) invisibly to at least one 
of said source and said first recipient (I.e.: destination) [Dutta, a firewall functions 
as proxy between the source and destination, col 1 lines 29-44. It clearly that the 
source address is invisible by the destination]. 

41. Claims 50-62,64-85,87-99,102,103,105-111 contain the similar limitations 
set forth of claims 1-25,29-40. Therefore, claims 50-62,64-85,87-99,102,103,105- 
1 1 1 are rejected for the similar rationale set forth in claims 1-25,29-40. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 1 02 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

Claims 26-28, 41-49,63,86,100,104 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Dutta et al [Dutta, 6,826,694 B1] in view of Kloth 
[6,598,034 B1]. 

42. As per claim 26, Dutta discloses a system and method for access control 
using a firewall with filtering device to apply a rule to a packet based upon the 
contents. However Dutta does not explicitly de tail 

modifying said first data packet; and releasing said modified first data 
packet to said network. 

In the same endeavor, Kloth discloses a apparatus and method that 
provides a routing engine for processing data packets based upon certain rules 
including the data packets can be altered or modified as a result of the detect 
patterns [Kloth, modified packets, col 4 lines 38 et seq.] 

Therefore it would have been obvious to an ordinary skill in the art at the 
time of the invention was made to incorporate the modifying packet as taught by 
Kloth into the Dutta's apparatus in order to utilize the rules. Doing so would 
provide additional capabilities to the firewall processing functions. 

43. As per claim 27, Dutta-Kloth disclose modifying at least a portion of said 
header layer [Klot, modified packets, col 4 lines 38 et seq.] 
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44. As per claim 28, Dutta-Kloth disclose modifying at least a portion of said 
application data layer [Kloth, modified packets, col 4 lines 38 et seq.]. 

45. As per claim 41 , Dutta-Kloth disclose A method of processing a first data 
packet directed to a first recipient over a network, said first data packet 
comprising header data and application data, said method comprising: 

(a) intercepting said first data packet prior to receipt by said first recipient 
[Dutta, a firewall intercepts packets prior to its received by an intended 
destination node, col 1 lines 15-45]; 

(b) capturing said first data packet in a buffer [Kloth, buffer 712, Fig 7]; 

(c) analyzing, selectively, said header data according to a first rule [Dutta, 
firewall, header, col 1 lines 15-45]; 

(d) analyzing, selectively, a dynamically specified portion of said 
application data according to a second rule [Dutta, analyzes the contents of a 
packet and selects an access rule which dynamically formulated by the proxy, col 
4 lines 59-67]; 

(e) copying (i.e.: shared, distribute, parse), selectively, said first data 
packet and forwarding, selectively, said copied first data packet to a second 
recipient different from said first recipient according to a third rule [Kloth, 
distributed system, col 15 lines 20-38. It is clearly that the Internet server 
distributed or copied a same file to different client nodes]; 

(f) releasing, selectively, said first data packet back to said network 
according to a fourth rule [Dutta, PASS action, col 4 lines 1-6]; 
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(g) modifying, selectively, said first data packet and releasing, selectively, 
said modified first data packet back to said network according to a fifth rule 
[Kloth, modified packets, col 4 lines 38 et seq.]; 

(h) deleting, selectively, said first data packet from said buffer according to 
a sixth rule [Dutta, DROP action, col 3 lines 39-50; and 

(i) storing, selectively, information about said first data packet according to 
a seventh rule [Kloth, IP packet stored in the router engine, col 42-60]. 

46. As per claim 42, Dutta-Kloth disclose (j) receiving a second data packet 
from said second recipient and introducing said second data packet into said 
network [Dutta, a combination of the contents and header parameters or the 
packet, col 4 lines 28-40]. 

47. As per claim 43 Dutta-Kloth disclose (j) redefining said first, second, third, 
fourth, fifth, sixth and seventh rules by said second recipient [Dutta, a set of 
rules, col 3 lines 9-29]. 

48. As per claims 44-47 Dutta-Kloth disclose a compound operation [Dutta, a 
combination of the contents and header parameters or the packet, col 4 lines 28- 
40]. 

49. As per claim 48 Dutta-Kloth disclose (j) generating a second data packet 
directed to said source in response to said first data packet according to a eighth 
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rule [Dutta, Peer A and Peer B, col 3 lines 55-col 4 line 6]. 



50. As per claim 49 Dutta-Kloth disclose (e), (f), (g) and (h) in response to a 
command from said second recipient [Kloth, command, col 9 lines 5-25]. 



51. Claims 63,86,100,104 contain the similar limitations set forth of claims 26- 
28. Therefore, claims 63,86,100,104 are rejected for the similar rationale set forth 
in claims 26-28. 



52. As per claim 101 , Dutta-Kloth disclose adapting a content of said 
application data layer [Dutta, an access rule based upon the content of the 
payload, col 4 lines 28-40]. 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to examiner Thong Vu, whose telephone number is (571)- 
272-3904. The examiner can normally be reached on Monday-Thursday from 8:00AM- 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Andrew Caldwelll, can be reached at (571) 272-3868. The fax number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval IPAIRI system. Status information for 
published applications may be obtained from either Private PMR or Public PMR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http ://pair-direct.uspto . gov . Should you 
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